Menu
I am working through this tutorial setting up Docker, and I'm finding that all of their examples are written like
docker run hello-world
but when I try it, it says permission denied on a socket and I have to do
sudo docker run hello-world
to run the examples. Why are root privileges necessary even for these simple examples?
269
The Docker daemon binds to a Unix socket instead of a TCP port. By default that Unix socket is owned by the user root and other users can only access it using sudo .
The installation script requires root or sudo privileges to install and use Docker. If you want to grant non-root users access to Docker, refer to the post-installation steps for Linux. Docker can also be installed without root privileges, or configured to run in rootless mode.
A sys admin can use the sudo command to grant users access to Docker containers. To prevent security risks, understand the implications of sudo, root access and Docker groups. The root user accesses the Docker daemon and sockets on the host, with the ability to read and write images.
Running the container as root brings a lot of risks. Although being root inside the container is not the same as root on the host machine (some more details here) and you're able to deny a lot of capabilities during container startup, it is still the recommended approach to avoid being root .
Running a docker container requires the user to be a member of the docker group. By default, when you install docker, the only user that is added to it is root. You can add your own user to this group if you want to run docker containers from it.
68
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
